I have site to site VPN tunnel running between ASA 5510 (8.2) and Cisco PIX506 (remote site). I need to enable users in remote office to surf the net. I was looking into the documentaion here and enabled traffic to enter/exit the same interface on ASA (same-security-traffic permit intra-interface), however there's something still missing. I'm not sure how to troubleshoot this issue...
ASA is configured to NAT inside clients to one public IP (VPN tunnel also terminates to this interface)
So when the packets to Internet arrives thru the tunnel, it needs to be sent out on the same interface and NATted (but to get tunnel to work I had to exempt intrested traffic from NAT). Is this causing a problem?
You are reffering to VPN clients... does the same logic pertain to site to site tunnels? Assuming that my remote site network in VPN tunnel config is 192.168.10.0/24, what commands should I issue to achive appropriate NAT config (U turn)?
Will these statements "NAT" traffic to Internet from my remote network, as you suggested?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...